Microsoft Open Management Infrastructure (OMI) Critical Vulnerabilities Under Active Exploitation – OMIGOD

• Post author:Shakeel Bhat
• Post published:September 21, 2021
• Post category:Endpoint Security and Management/Security Research and Intelligence
• Post comments:0 Comments
• Reading time:4 mins read

Microsoft Open Management Infrastructure (OMI) is an open-source project which allows users to manage configurations across remote and local environments…

Continue ReadingMicrosoft Open Management Infrastructure (OMI) Critical Vulnerabilities Under Active Exploitation – OMIGOD

Zoho Patches Critical Zero-day Flaw in its ADSelfService plus Exploited in The Wild

• Post author:Vijay Chachadi
• Post published:September 9, 2021
• Post category:Endpoint Management/Featured Articles/IT Asset Management/Patch Management/Security Research and Intelligence
• Post comments:0 Comments
• Reading time:2 mins read

Zoho recently published a security advisory to patch a remote code execution (RCE) vulnerability existing in Zoho ADSelfService plus. The…

Continue ReadingZoho Patches Critical Zero-day Flaw in its ADSelfService plus Exploited in The Wild

Sophos UTM Creating a ‘Big’ Bounty with Remote Code Execution Flaw

• Post author:Vijay Chachadi
• Post published:August 25, 2021
• Post category:Security Research and Intelligence/Technology and Trends/Vulnerability Management
• Post comments:0 Comments
• Reading time:3 mins read

A critical and high severity remote code execution vulnerability with CVSS 3.x severity base score 9.8 is discovered in Sophos…

Continue ReadingSophos UTM Creating a ‘Big’ Bounty with Remote Code Execution Flaw

WinRM servers are the latest preys for the Wormable Windows HTTP vulnerability

• Post author:Ashwitha Kallalike
• Post published:May 24, 2021
• Post category:Endpoint Security and Management/Patch Management/Security Research and Intelligence
• Post comments:0 Comments
• Reading time:4 mins read

Microsoft recently patched a critical remote code execution vulnerability in the HTTP Protocol Stack (http. sys), used by the Windows…

Continue ReadingWinRM servers are the latest preys for the Wormable Windows HTTP vulnerability

Second Zero-Day Exploit for Google Chrome in the Same Week

• Post author:Ashwitha Kallalike
• Post published:April 16, 2021
• Post category:Patch Management
• Post comments:0 Comments
• Reading time:3 mins read

Google Chrome users who were relieved by patching the recent zero-day advisory are taken aback by the news of another…

Continue ReadingSecond Zero-Day Exploit for Google Chrome in the Same Week

QNAP Patches Critical Vulnerabilities in NAS Appliances

• Post author:Peter Walker
• Post published:February 18, 2021
• Post category:Endpoint Security and Management/Security Research and Intelligence
• Post comments:0 Comments
• Reading time:2 mins read

QNAP addresses multiple vulnerabilities in its product line affecting Surveillance Station and Photo Station applications. These vulnerable software applications are…

Continue ReadingQNAP Patches Critical Vulnerabilities in NAS Appliances

Critical Zero-Day in HPE Systems Insight Manager Revealed

• Post author:Nitish B
• Post published:December 17, 2020
• Post category:Endpoint Security and Management/Security Research and Intelligence/Vulnerability Management
• Post comments:0 Comments
• Reading time:2 mins read

Hewlett Packard Enterprise recently revealed a security flaw in its Systems Insight Manager software. This zero-day bug resides in the…

Continue ReadingCritical Zero-Day in HPE Systems Insight Manager Revealed

Zoom Zero-Day Critical Vulnerability Allows RCE

• Post author:Kumarswamy S
• Post published:July 13, 2020
• Post category:Endpoint Security and Management/SecPod News Updates/Security Research and Intelligence
• Post comments:0 Comments
• Reading time:1 mins read

A critical zero-day vulnerability has been found in Zoom - A video conferencing software, for Windows 7 or below. The…

Continue ReadingZoom Zero-Day Critical Vulnerability Allows RCE

F5 BIG-IP Devices Under Active Exploitation (CVE-2020-5902)

• Post author:Shakeel Bhat
• Post published:July 7, 2020
• Post category:Category(Default) - Do Not Use This/Security Research and Intelligence
• Post comments:0 Comments
• Reading time:3 mins read

F5 BIG-IP is a multi-purpose networking device manufactured by F5 Networks which can be configured to work as traffic shaping…

Continue ReadingF5 BIG-IP Devices Under Active Exploitation (CVE-2020-5902)

Patch Tuesday: Microsoft Security Bulletin Summary for May 2020

• Post author:Jithendra R
• Post published:May 13, 2020
• Post category:Security Research and Intelligence
• Post comments:0 Comments
• Reading time:5 mins read

Microsoft has released May Patch Tuesday security updates, addressing a total of 111 vulnerabilities in the family of Windows operating…

Continue ReadingPatch Tuesday: Microsoft Security Bulletin Summary for May 2020